Definitely, What if you have to block 500 pornographic sites. Will te firewll rule sets handle this. If so what about the bandwidth. Regards Dharmendra.T Linux Expert nSecure Software(P) Ltd. www.nsecure.net This message is intended for the addressee only. It may contain privileged or confidential information. If you have received this message in error, please notify the sender and destroy the message immediately. Unauthorised use or reproduction of this message is strictly prohibited. On Tue, 20 Nov 2001, Eric Daigneault wrote: > At 10:00 AM scouby@vacv.com -0500, you wrote: > > Ok, sorry, I was trying to make short n sweet ! > > Ok, for the purpose of the situation, let's consider I'm pretty good in > securtity architecture and > firewalling. > > I've never been a fan of the proxying technologie, for a lot of reasons ! > And I have never used any on the architectures I have built before. > > Let consider a architecture looking like the plan1 attach here ! > > If i put my mail server in the local DMZ, there is two way to make it > accessible from the internet, POT (Port Adress Translation) or by proxy. > The same if I want to let the user access the web (80). I can make it > straight out with filtering or by proxy... And so go on for every > single internet services ! > > So, now i'm asking, why should I use a proxy... Is it really better, or not ? > > > > >Eric, > > > > > I'm working on a security architecture, and I need some opinions ! > > > > > > It's simple... with or without proxy ! > > > >You'll really need to do some research before someone can give you an > >educated response. The term "proxy" is very broad and depends on your > >environment, users, bandwidth, should be part of a firewall system, etc. > > > >Start by reading the firewalls FAQ: > >http://www.linuxsecurity.com/resource_files/firewalls/fwfaq/firewalls-faq.html > > > >Best, > >Dave > > > >-- > >Dave Wreski > >Corporate Manager Guardian Digital, Inc. > >(201) 934-9230 Pioneering. Open Source. Security. > >dave@guardiandigital.com http://www.guardiandigital.com > >------------------------------------------------------------------------ > > To unsubscribe email security-discuss-request@linuxsecurity.com > > with "unsubscribe" in the subject of the message. > > Eric Daigneault > Administrateur Systemes > Vacances Air Canada > > -- Play with the best, die like the rest -- > > -- Binary/unsupported file stripped by Listar -- > -- Type: application/msword > -- File: Plan 1.doc > > > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@linuxsecurity.com > with "unsubscribe" in the subject of the message. > -- ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
